KEPServerEX is vulnerable to a buffer overflow which may allow an attacker to crash the product being accessed or leak information.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HGe Industrial Gateway Server
APPGe≤ 7.614Ptc Keepserverex
APPPtc≤ 6.14.263.0Ptc Opc Aggregator
APPPtc≤ 6.14Ptc Thingworx Industrial Connectivity
APPPtcwszystkie wersjePtc Thingworx Kepware Edge
APPPtc≤ 1.7Ptc Thingworx Kepware Server
APPPtc≤ 6.14.263.0Rockwellautomation Kepserver Enterprise
APPRockwellautomation≤ 6.14.263.0Softwaretoolbox Top Server
APPSoftwaretoolbox≤ 6.14.263.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
Related vulnerabilities
CVE-2022-2825CRITICAL9.8ten sam produkt
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...
CVE-2022-2848CRITICAL9.1ten sam produkt
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPS...
CVE-2023-0755CRITICAL9.8ten sam produkt
The affected products are vulnerable to an improper validation of array index, which could allow an attacker ...
CVE-2023-0754CRITICAL9.8ten sam produkt
The affected products are vulnerable to an integer overflow or wraparound, which could allow an attacker to ...
CVE-2020-27265CRITICAL9.8ten sam produkt
KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All ver...